In today's world of Information Technology, companies want to make use of this technology
to add new solutions without compromising the use of new hardware and software features
on servers and data applications.
The search for modern technology has, as its major points, the speed and security of
information and the mainframe has some technologies available which allow us to make use of
these two important points through the coexistence of features that in previous versions were
incompatible, or it could not be enabled concurrently.
One of the features that allow us to implement security through the definition of rules to
control routed and local traffic is IP Security Filter that is enabled through the configuration of
policies implemented with the use of Policy Agent. It is configured at the IP layer so we have
the control over TCP, as well as, UDP traffic.
Another technology that is available with the purpose to accelerate forwarding at the DLC
layer for the following types of packets is the QDIO Accelerator:
Inbound packets over OSA‐Express QDIO that are forwarded outbound over OSA‐Express
Inbound packets over Hipersocket that are forwarded outbound over OSA‐Express QDIO.
Sysplex Distributor packets that are forwarded to a target stack.
The QDIO Accelerator improve latency and decrease CPU consumption for all accelerated
traffic when routing forwarded traffic early during inbound processing, however this feature is
available only for IPv4.
In previous versions of z/OS Communication Server, both features cannot be implemented
simultaneously due to restrictions imposed by policies configured for routed traffic.
Now with the new version of z/OS Communication Server, customers that have planned to
implement both features and faced limitations, can start at the Version 2 Release 1 to explore
the concurrency of both functions reading the details on z/OS Communication Server V2R1
TCP/IP Implementation: Volume 4 Security and Policy Based Networking , SG24‐7999 that
can be downloaded at IBM Redbooks web site.
Author: Gilson Cesar de Oliveira
He is an IT Technical Specialist in the Network area in Brasil working as a System Programmer. He held a degree in Computer Science
and specialization in Data Network. He has more than 23 years of experience in mainframe Network with expertise in
VTAM/SUBAREA/APPN, TCP/IP, OSA - Express, JES/2 – NJE, RACF/RRSF, Printing Management and Network Management. He is also
co-author of z/OS Communication Server TCP/IP Redbooks.